
Lesson 5

Protecting the Server and Client

Knowledge Assessment

Multiple Choice

Circle the letter that corresponds to the best answer.

1. Which type of malware copies itself onto other computers without the owner’s consent and will often delete or corrupt files?

a. Virus

b. Worm

c. Trojan horse

d. Spyware

2. Which type of malware collects personal information or browsing history, often without the user’s knowledge?

a. Virus

b. Worm

c. Trojan horse

d. Spyware

3. Your computer seems to be slow, and you notice that you have a different default web page than usual. What is most likely the cause of problems?

a. Your ISP has slowed your network connection.

b. Your computer has been infected with malware.

c. You did not update your computer.

d. You accidentally clicked the turbo button.

4. Besides installing an antivirus software package, you should always ___________ to protect your computer against malware.

a. keep your machine up to date with the latest security patches

b. reboot your computer on a regular basis

c. change your password on a regular basis

d. spoof your IP address

5. A thoroughly tested, cumulative set of hotfixes and other patches is known as a(n):

a. recommended update.

b. hotfix pack.

c. service pack.

6. What technology is used by Windows to prevent unauthorized changes to your system?

a. UAC

b. Protected mode

c. Windows Defender

d. ProtectGuard

7. When using UAC, which of the following requires administrative permissions or rights?

a. Installing updates from Windows update

b. Changing the date and time

c. Resetting the network adapter

d. Installing drivers from Windows update or attached with the operating system

8. What mechanism is working when you try to change a computer’s display settings and you get a pop-up asking whether you wish to continue?

a. Windows Firewall

b. Protected Mode

c. Windows Update

d. UAC

9. What host-based firewall software comes with current versions of Windows?

a. Windows Firewall

b. Windows Protected Mode

c. UAC

d. Windows GuardIt

10. What program would you use to configure IPsec on a computer running Windows Server 2008?

a. Windows Firewall with IPsec Plugin

b. IPsec Monitor

c. Windows with Advanced Security

d. IPsec Configuration console

11. If you have sensitive or confidential information stored in your offline files, it is recommended that you:

a. clear your cache.

b. encrypt the offline files.

c. clear your cookies.

d. execute ipconfig /renewip.

12. You determine that legitimate emails are being blocked by your spam-blocking device. What should you do?

a. Flush out the quarantined items

b. Reboot the spam-blocking device

d. Add the address or domain for these emails to the black list

13. SMTP uses TCP port:

a. 43.

b. 25.

c. 80.

d. 443.

14. How many content zones are there in Internet Explorer?

a. 1

b. 2

c. 4

d. 8

15. Say that you receive an email stating that your account has just expired and asking you to log in to a legitimate-looking website to fix the problem. This is most likely an instance of:

a. phishing.

b. pharming.

c. phaking.

d. IP address spoofing.

Fill in the Blank

Complete the following sentences by writing the correct word or words in the blanks provided.

1. Malicious software (malware) is software that is designed to infiltrate or infect a computer, usually with ill intent.

2. A(n) worm is a self-replicating program that copies itself to other computers while consuming network resources.

3. Microsoft’s antispyware program is called Windows Defender.

4. For antivirus software to be effective, it must be kept up to date.

5. An example of a(n) virus hoax is a message saying to delete the win.com file because it is a virus.

6. If you want to control what updates get pushed to clients within your organization, you would use Windows Update Server (WUS) or System Center Configuration Manager.

7. Secure desktop is when you are asked if you want to continue with an action and your desktop is dimmed and other programs are temporarily halted until you approve the change.

8. Offline files are copies of network files that are stored on your computer so that you can access them when you are not connected to the network.

9. Spam is another name for junk email.

10. Sender Policy Framework (SPF) is an email validation system that is designed to verify that an email is coming from the proper email server.

Competency Assessment

Scenario 5-1: Checking Physical Security

You were just hired as an IT administrator for the ABC Company. Across from your desk, there is a table with seven physical servers. You go to your boss and ask why the servers are out in the open and not locked up. He says they are located on the table so that they can be easily monitored and watched. How should you respond to your boss?

If people have physical access to a server, they could yank or cut cables or shut down a server, causing a denial of service. In addition, if they remove the hard drives from a server, they could connect that hard drive to another computer of which they are an administrator. This would allow them to access all files on the hard drive—including any confidential information.

Scenario 5-2: Programming Backdoors

You have been hired as a security consultant for the Contoso Corporation. One day, you are working with the CIO on a new comprehensive security policy for the company. Although the CIO is not a programmer herself, she wants to understand how she can keep programmers from creating a backdoor on the programs they create for the company. What do you tell her?

When you have programmers creating applications for your organization, you need to establish a review and auditing process that will check their work. This would include reviewing all source code.

Proficiency Assessment

Scenario 5-3: Scanning with Microsoft Baseline Security Analyzer

Download and install the newest Microsoft Baseline Security Analyzer on a Windows server, then scan the computer for missing security updates and less-optimal security settings.

1. Download and install the newest Microsoft Baseline Security Analyzer. Currently, it is located at http://www.microsoft.com/downloads/details.aspx?FamilyID=b1e76bbe-71df-41e8-8b52-c871d012ba78&displaylang=en.

2. Double-click the executable file that you downloaded.

3. If you are asked to install the file, click the Run button.

4. When the Welcome screen appears, click Next.

5. Click I accept the license agreement, then click Next.

6. When asked for the destination folder, click Next.

7. Click Install.

8. When the program is successfully installed, click OK.

9. Click Start, select All Programs, and select Microsoft Baseline Security Analyzer.

10. Click Scan a computer.

11. Click the Start Scan button.

12. Click View the Results.

Scenario 5-4: Looking at Windows Updates

Go to http://www.microsoft.com/technet/security/bulletin/advance.mspx. Read the most recent advance notification or most recent security bulletin summary and review the executive summary. Determine how many security bulletins there are for the most recent month. Then run Windows Update to bring your system up to date with the newest patches.

Answers will vary. But to run Windows Update, do the following:

1. Click the Start button, select All Programs, and select Windows Update.

2. Click the Check for updates button.

3. Click the Optional updates are available option.

4. Select the Optional Updates and click the OK option.

5. Click the Install updates button.